Closed stridge-cruxml closed 1 year ago
I am running fpolicyd-cli --check-path and get a segmentation fault.
fpolicyd-cli --check-path
lt_read_db() is returning a static string which is then freed.
lt_read_db()
static const char *db = DB_NAME; ... lt_read_bd() { ... if (operation == READ_TEST_KEY) return (char *)db; ... } ... read_trust_db() { int mode = READ_TEST_KEY; ... res = lt_read_db(path, mode, error); ... if (sscanf(res, DATA_FORMAT, &tsource, &size, sha) != 3) { free(res); *error = 1; return 1; } ... }
lt_read_db() returns "trust.db" for me. This causes sscanf check to fail and then attempts free(res) causing a segmentation fault.
"trust.db"
sscanf
free(res)
I am running
fpolicyd-cli --check-path
and get a segmentation fault.lt_read_db()
is returning a static string which is then freed.lt_read_db()
returns"trust.db"
for me. This causessscanf
check to fail and then attemptsfree(res)
causing a segmentation fault.